Ukukhishwa kwegatsha elikhulu nginx 1.23.4 sekwenziwe, lapho ukuthuthukiswa kwezici ezintsha kuqhubeka. Egatsheni elizinzile le-1.22.x, eligcinwa ngokufana, izinguquko ezihlobene kuphela nokuqedwa kweziphazamisi ezinkulu nokuba sengozini ezenziwayo. Esikhathini esizayo, ngesisekelo segatsha eliyinhloko 1.23.x, igatsha elizinzile 1.24 lizokwakhiwa.
Phakathi kwezinguquko:
- Ngokuzenzakalelayo, iphrothokholi ye-TLSv1.3 ivuliwe.
- Isexwayiso manje siyaboniswa uma izilungiselelo zephrothokholi ezisetshenziselwa isokhethi yokulalela zikhishwa.
- Uma iklayenti lisebenzisa imodi "yokufaka amapayipi", ukuxhumeka kuyavalwa ngesikhathi sisalinde idatha eyengeziwe (kuvala kancane).
- Usekelo olungeziwe lobubanzi bebhayithi kumojuli ye-ngx_http_gzip_static_module.
- Izinga lokungena lamaphutha e-SSL "ubude bedatha bude kakhulu", "ubude bufushane kakhulu", "inguqulo yefa elibi", "awekho ama-algorithms wesiginesha eyabiwe", "ubude benhlabamkhosi embi", "sigalgs engekho" ishintshiwe isuka kokuthi "crit" yayiswa kokuthi "crit" "ulwazi" isandiso", "ubude obubethelwe bude kakhulu", "ubude obubi", "isibuyekezo sikakhiye omubi", "idatha yokuxhawula okuxubile nokungaxhawulani", "ama-cc atholwe kusenesikhathi", "idatha phakathi kwama-ccs nokuqedwa", "ubude bephakethe yinde kakhulu" , "izixwayiso eziningi kakhulu", "qopha kuncane kakhulu" futhi "uthole i-fin ngaphambi kwe-ccs".
- Ukusebenza kobubanzi bembobo kumyalelo wokulalela kuthuthukisiwe.
- Inkinga yokukhetha indawo engalungile uma usebenzisa indawo yesiqalo eside kunezinhlamvu ezingu-255 ixazululiwe.
- Amamojula we-ngx_http_autoindex_module kanye ne-ngx_http_dav_module, kanye nomyalelo ohlanganisayo, manje asekela izinhlamvu ezingezona eze-ASCII emagameni wefayela ku-Windows platform.
- Kulungiswe ukuvuza kwesokhethi lapho usebenzisa i-HTTP/2 kanye nomyalelo we-error_page ukuqondisa kabusha amaphutha angama-400.
Source: opennet.ru